A bypass was discovered for Cloudflare WAF that allows Remote Code Execution (RCE) using the payload: '; ls -la; #. This vulnerability can be exploited to execute arbitrary commands on the server protected by Cloudflare WAF. Detailed technical information can be found in this blog post.
For more insights, check out the original tweet here: https://twitter.com/0xhelloworld_/status/1850578017313288486. And don’t forget to follow @0xhelloworld_ for more exciting updates in the world of cybersecurity.